Enviar pesquisa
Carregar
The Importance of Protocol Analyzers in Solving Network Issues
•
1 gostou
•
279 visualizações
Título melhorado com IA
Lisa Menestrina
Seguir
Tecnologia
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 43
Baixar agora
Baixar para ler offline
Recomendados
Big Data Approaches to Cloud Security
Big Data Approaches to Cloud Security
Paul Morse
6414 preparation and planning of the development of a proficiency test in the...
6414 preparation and planning of the development of a proficiency test in the...
Damir Delija
Remote forensics fsec2016 delija draft
Remote forensics fsec2016 delija draft
Damir Delija
Network Forensics - Your Only Choice at 10G
Network Forensics - Your Only Choice at 10G
Savvius, Inc
Cybersecurity - Jim Butterworth
Cybersecurity - Jim Butterworth
TechBiz Forense Digital
encase enterprise
encase enterprise
Damir Delija
Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)
Digital Bond
Iqr Brochure Final
Iqr Brochure Final
DmitriHubbard
Recomendados
Big Data Approaches to Cloud Security
Big Data Approaches to Cloud Security
Paul Morse
6414 preparation and planning of the development of a proficiency test in the...
6414 preparation and planning of the development of a proficiency test in the...
Damir Delija
Remote forensics fsec2016 delija draft
Remote forensics fsec2016 delija draft
Damir Delija
Network Forensics - Your Only Choice at 10G
Network Forensics - Your Only Choice at 10G
Savvius, Inc
Cybersecurity - Jim Butterworth
Cybersecurity - Jim Butterworth
TechBiz Forense Digital
encase enterprise
encase enterprise
Damir Delija
Internet Accessible ICS in Japan (English)
Internet Accessible ICS in Japan (English)
Digital Bond
Iqr Brochure Final
Iqr Brochure Final
DmitriHubbard
Making pentesting sexy ossams - BSidesQuebec2013
Making pentesting sexy ossams - BSidesQuebec2013
BSidesQuebec2013
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Positive Hack Days
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.com
Aravind R
conf2015_TLaGatta_CHarris_Splunk_BusinessAnalytics_DeliveringHighLevelAnalytics
conf2015_TLaGatta_CHarris_Splunk_BusinessAnalytics_DeliveringHighLevelAnalytics
Tom LaGatta
Hh 2012-mberman-sds2
Hh 2012-mberman-sds2
Michael Berman
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)
Digital Bond
Fingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare Infrastructure
Positive Hack Days
EnCase Enterprise Basic File Collection
EnCase Enterprise Basic File Collection
Damir Delija
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)
Digital Bond
DGRZETICH_TDC531_Presentation
DGRZETICH_TDC531_Presentation
Deron Grzetich, CISSP, CISM, GCIH
Defcon 22-gregory-pickett-abusing-software-defined-networks
Defcon 22-gregory-pickett-abusing-software-defined-networks
Priyanka Aash
Enterprise Forensics 101
Enterprise Forensics 101
Mona Arkhipova
CNIT 121: 17 Remediation Introduction (Part 1)
CNIT 121: 17 Remediation Introduction (Part 1)
Sam Bowne
Big Data Shouldn't Be Big
Big Data Shouldn't Be Big
Napier University
Detecting Hacks: Anomaly Detection on Networking Data
Detecting Hacks: Anomaly Detection on Networking Data
James Sirota
Khalid film vs digital presentation2
Khalid film vs digital presentation2
khalid_a796
Inspired Writing Principals Reflection Tpack Sm
Inspired Writing Principals Reflection Tpack Sm
Dan Maas
Editing terminology and glossary
Editing terminology and glossary
matt_raybould98
Terminology Life Cycle Management Increasing Company-Wide Terminology Collabo...
Terminology Life Cycle Management Increasing Company-Wide Terminology Collabo...
TAUS - The Language Data Network
Tips for Effective Business Writing
Tips for Effective Business Writing
Stacy Harter
New in Adobe Technical Communication Suite 3 by @rjacquez
New in Adobe Technical Communication Suite 3 by @rjacquez
RJ Jacquez
Enc 3250 professional writing: Midterm Reflection
Enc 3250 professional writing: Midterm Reflection
emhamel0136
Mais conteúdo relacionado
Mais procurados
Making pentesting sexy ossams - BSidesQuebec2013
Making pentesting sexy ossams - BSidesQuebec2013
BSidesQuebec2013
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Positive Hack Days
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.com
Aravind R
conf2015_TLaGatta_CHarris_Splunk_BusinessAnalytics_DeliveringHighLevelAnalytics
conf2015_TLaGatta_CHarris_Splunk_BusinessAnalytics_DeliveringHighLevelAnalytics
Tom LaGatta
Hh 2012-mberman-sds2
Hh 2012-mberman-sds2
Michael Berman
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)
Digital Bond
Fingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare Infrastructure
Positive Hack Days
EnCase Enterprise Basic File Collection
EnCase Enterprise Basic File Collection
Damir Delija
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)
Digital Bond
DGRZETICH_TDC531_Presentation
DGRZETICH_TDC531_Presentation
Deron Grzetich, CISSP, CISM, GCIH
Defcon 22-gregory-pickett-abusing-software-defined-networks
Defcon 22-gregory-pickett-abusing-software-defined-networks
Priyanka Aash
Enterprise Forensics 101
Enterprise Forensics 101
Mona Arkhipova
CNIT 121: 17 Remediation Introduction (Part 1)
CNIT 121: 17 Remediation Introduction (Part 1)
Sam Bowne
Big Data Shouldn't Be Big
Big Data Shouldn't Be Big
Napier University
Detecting Hacks: Anomaly Detection on Networking Data
Detecting Hacks: Anomaly Detection on Networking Data
James Sirota
Mais procurados
(15)
Making pentesting sexy ossams - BSidesQuebec2013
Making pentesting sexy ossams - BSidesQuebec2013
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Cybersecurity Basics - Aravindr.com
Cybersecurity Basics - Aravindr.com
conf2015_TLaGatta_CHarris_Splunk_BusinessAnalytics_DeliveringHighLevelAnalytics
conf2015_TLaGatta_CHarris_Splunk_BusinessAnalytics_DeliveringHighLevelAnalytics
Hh 2012-mberman-sds2
Hh 2012-mberman-sds2
Incubation of ICS Malware (English)
Incubation of ICS Malware (English)
Fingerprinting and Attacking a Healthcare Infrastructure
Fingerprinting and Attacking a Healthcare Infrastructure
EnCase Enterprise Basic File Collection
EnCase Enterprise Basic File Collection
Vulnerability Inheritance in ICS (English)
Vulnerability Inheritance in ICS (English)
DGRZETICH_TDC531_Presentation
DGRZETICH_TDC531_Presentation
Defcon 22-gregory-pickett-abusing-software-defined-networks
Defcon 22-gregory-pickett-abusing-software-defined-networks
Enterprise Forensics 101
Enterprise Forensics 101
CNIT 121: 17 Remediation Introduction (Part 1)
CNIT 121: 17 Remediation Introduction (Part 1)
Big Data Shouldn't Be Big
Big Data Shouldn't Be Big
Detecting Hacks: Anomaly Detection on Networking Data
Detecting Hacks: Anomaly Detection on Networking Data
Destaque
Khalid film vs digital presentation2
Khalid film vs digital presentation2
khalid_a796
Inspired Writing Principals Reflection Tpack Sm
Inspired Writing Principals Reflection Tpack Sm
Dan Maas
Editing terminology and glossary
Editing terminology and glossary
matt_raybould98
Terminology Life Cycle Management Increasing Company-Wide Terminology Collabo...
Terminology Life Cycle Management Increasing Company-Wide Terminology Collabo...
TAUS - The Language Data Network
Tips for Effective Business Writing
Tips for Effective Business Writing
Stacy Harter
New in Adobe Technical Communication Suite 3 by @rjacquez
New in Adobe Technical Communication Suite 3 by @rjacquez
RJ Jacquez
Enc 3250 professional writing: Midterm Reflection
Enc 3250 professional writing: Midterm Reflection
emhamel0136
Destaque
(7)
Khalid film vs digital presentation2
Khalid film vs digital presentation2
Inspired Writing Principals Reflection Tpack Sm
Inspired Writing Principals Reflection Tpack Sm
Editing terminology and glossary
Editing terminology and glossary
Terminology Life Cycle Management Increasing Company-Wide Terminology Collabo...
Terminology Life Cycle Management Increasing Company-Wide Terminology Collabo...
Tips for Effective Business Writing
Tips for Effective Business Writing
New in Adobe Technical Communication Suite 3 by @rjacquez
New in Adobe Technical Communication Suite 3 by @rjacquez
Enc 3250 professional writing: Midterm Reflection
Enc 3250 professional writing: Midterm Reflection
Semelhante a The Importance of Protocol Analyzers in Solving Network Issues
RightScale Webinar: Security Monitoring in the Cloud: How RightScale Does It
RightScale Webinar: Security Monitoring in the Cloud: How RightScale Does It
RightScale
Visibility into 40G/100G Networks for Real-time and Post Capture Analysis and...
Visibility into 40G/100G Networks for Real-time and Post Capture Analysis and...
Savvius, Inc
Unified Threat Management
Unified Threat Management
Tapas Shome
80211 the end of wireles or is it
80211 the end of wireles or is it
Interop
Myles firewalls
Myles firewalls
Shmulik Avidan
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
Sagi Brody
Non-Functional Requirements
Non-Functional Requirements
David Simons
Tech Support in the Modern Age
Tech Support in the Modern Age
Lisa Menestrina
Customer Presentation
Customer Presentation
Splunk
Is the Network Tap Mightier Than the Sword
Is the Network Tap Mightier Than the Sword
LiveAction Next Generation Network Management Software
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
Novell
KAI, the Information Specialist
KAI, the Information Specialist
aik762
Andrew kozma - security 101 - atlseccon2011
Andrew kozma - security 101 - atlseccon2011
Atlantic Security Conference
Network Troubleshooting.pptx
Network Troubleshooting.pptx
MohamedSafeer14
Don't Let History Repeat Itself – Network Monitoring and Reporting with Watch...
Don't Let History Repeat Itself – Network Monitoring and Reporting with Watch...
Savvius, Inc
Deployment Best Practices
Deployment Best Practices
MongoDB
Building data intensive applications
Building data intensive applications
Amit Kejriwal
Webinar: Deployment Best Practices
Webinar: Deployment Best Practices
MongoDB
Your Applications Are Distributed, How About Your Network Analysis Solution?
Your Applications Are Distributed, How About Your Network Analysis Solution?
Savvius, Inc
Network Analysis Tips and Tricks with OmniPeek
Network Analysis Tips and Tricks with OmniPeek
Savvius, Inc
Semelhante a The Importance of Protocol Analyzers in Solving Network Issues
(20)
RightScale Webinar: Security Monitoring in the Cloud: How RightScale Does It
RightScale Webinar: Security Monitoring in the Cloud: How RightScale Does It
Visibility into 40G/100G Networks for Real-time and Post Capture Analysis and...
Visibility into 40G/100G Networks for Real-time and Post Capture Analysis and...
Unified Threat Management
Unified Threat Management
80211 the end of wireles or is it
80211 the end of wireles or is it
Myles firewalls
Myles firewalls
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
Troubleshooting: A High-Value Asset For The Service-Provider Discipline
Non-Functional Requirements
Non-Functional Requirements
Tech Support in the Modern Age
Tech Support in the Modern Age
Customer Presentation
Customer Presentation
Is the Network Tap Mightier Than the Sword
Is the Network Tap Mightier Than the Sword
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
KAI, the Information Specialist
KAI, the Information Specialist
Andrew kozma - security 101 - atlseccon2011
Andrew kozma - security 101 - atlseccon2011
Network Troubleshooting.pptx
Network Troubleshooting.pptx
Don't Let History Repeat Itself – Network Monitoring and Reporting with Watch...
Don't Let History Repeat Itself – Network Monitoring and Reporting with Watch...
Deployment Best Practices
Deployment Best Practices
Building data intensive applications
Building data intensive applications
Webinar: Deployment Best Practices
Webinar: Deployment Best Practices
Your Applications Are Distributed, How About Your Network Analysis Solution?
Your Applications Are Distributed, How About Your Network Analysis Solution?
Network Analysis Tips and Tricks with OmniPeek
Network Analysis Tips and Tricks with OmniPeek
Último
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
2toLead Limited
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Maria Levchenko
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Scott Keck-Warren
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Ridwan Fadjar
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Allon Mureinik
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Radu Cotescu
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
HostedbyConfluent
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
ThousandEyes
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
OnBoard
Slack Application Development 101 Slides
Slack Application Development 101 Slides
praypatel2
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
Sinan KOZAK
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
Último
(20)
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
Slack Application Development 101 Slides
Slack Application Development 101 Slides
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
The Importance of Protocol Analyzers in Solving Network Issues
1.
The Importance of
Protocol Analyzers in Today's Networks Jim Thor – WP Professional Services WildPackets, Inc. www.WildPackets.com (925) 937-3200 © WildPackets, Inc. www.wildpackets.com
2.
The Early Days
of Protocol Analysis • We used to use Protocol Analyzers for Break/Fix ‒ Meaning we would try to fix the problem every other way before getting the protocol analyzer out of the cabinet and trying to figure out how to use it. • Protocol Analyzers were mostly text based decoders ‒ Good for bit level analysis, but very hard to use when looking for the needle in the haystack. • You had to physically be where you wanted to capture the packets ‒ No such thing back then as remote or distributed analysis The Importance of Protocol Analysis © WildPackets, Inc. 2
3.
Times Have Changed!
• Those shortcomings of early analyzers are gone ‒ Many of today’s analyzers are Graphical, Distributed and Historical • Networks are larger and faster than ever before ‒ Getting to 40Gbps now and soon to 100Gbps • Systems are faster and integrated into daily life ‒ There was a day when a computer was a ‘nice to have’. ‒ Most everyone now has a computer in their pocket, and uses it for daily tasks and communications. • Today’s networks are the life blood of businesses ‒ Without a well run network, your business may die! The Importance of Protocol Analysis © WildPackets, Inc. 3
4.
Is There a
Doctor in the House? © WildPackets, Inc. www.wildpackets.com
5.
How’s Your Network's
Health? • We have doctors to keep us healthy ‒ Businesses have Network Administrators and Engineers • But a doctor has to have tools ‒ He has his 5 senses and he is very well educated! ‒ His knowledge alone does not make for a good doctor! He has to be smart and have experience as well. • You better hope your doctor has the right tools ‒ Simple tools he could have stethoscope, a thermometer, a reflex hammer, etc ‒ These would be akin to network tools like ping, traceroute, and logs The Importance of Protocol Analysis © WildPackets, Inc. 5
6.
It’s All in
the Details! • Flow based reporting is nice… ‒ Flow information is a good start, but generally not good for understanding the details. It’s way too generic and high level. • Sometimes, you have to have the details, Period. ‒ But not always. There are a lot of available tools. The right tool depends on the question. • What is the question you are trying to answer? ‒ ‘Proof is in the Details’. With the details, you can answer almost ANY question. ‒ Generally, every question from overall utilization to what bit is set in a packet, can all be answered with a protocol analyzer. The Importance of Protocol Analysis © WildPackets, Inc. 6
7.
The Right Tools
Matter! • The tool should not impact the Network! • Simple tools are helpful and useful even today ‒ Simple tools like ping, tracert, etc., are still necessary and helpful • More advanced tools are necessary ‒ Netflow, S-Flow, and SNMP are helpful, but often leave too many questions unanswered • With the right tools, there is NO need to guess! ‒ Detail oriented tools (packet analysis) give the answers down to the bit level ‒ These tools can also answer questions ‘back in time’ using Network Forensics features The Importance of Protocol Analysis © WildPackets, Inc. 7
8.
Network Forensics
• Knowing what is happening on the network now ‒ Real time information is always important on any network • Often, it is important to go ‘Back in Time’ ‒ Security breaches happen before you know about them ‒ Replicating an issue is often not possible ‒ Why wait for an intermittent issue? Go ‘Back’ and see it! • Network Forensics features allow you to go back and find the packets from the past ‒ It may be that a server was hacked. Who did it, when, and what else did they do or what systems did they access! ‒ Also allows for Comparative Analysis, which makes the task of protocol analysis much easier and more accurate The Importance of Protocol Analysis © WildPackets, Inc. 8
9.
The Important Features of
a Good Protocol Analyzer © WildPackets, Inc. www.wildpackets.com
10.
The Necessary Features
Depend on Your Needs! • Most important is Ease of Use! ‒ Protocol Analysis can be hard. Having an analyzer that is hard to use adds unnecessary burden and time to the analysts tasks • Distributed and Local Capture capabilities ‒ Protocol Analysis is only accurate where you are capturing, so you usually want to capture at multiple locations to understand what is happening across the network at various locations • Software and Hardware Solutions ‒ Since you want to have as many capture points as possible, having a cost effective solution for deploying at the distribution and access switches is extremely important The Importance of Protocol Analysis © WildPackets, Inc. 10
11.
Additional Items to
Consider • Speeds and Feeds. ‒ Also make sure the devices are capable of captures on multiple interfaces simultaneously, and aggregating if necessary • Forensics ‒ Do you need the ability to ‘Go Back in Time?” Most people do. • Wireless ‒ Do you have any 802.11 networks? If so, make sure the analyzer you choose supports WLAN captures. • VoIP ‒ If you have a VoIP environment, or are planning on having one soon, make sure to choose an analyzer that supports those needs. The Importance of Protocol Analysis © WildPackets, Inc. 11
12.
How We Have
Helped • Saved lives! ‒ Yes, the results and analysis of 802.11 Wi-Fi traffic in a hospital found the source of interference that was causing device outages • Stopped hackers! ‒ The ongoing long term capture in a software company found the source of the attach, and exactly which systems were compromised • Made networks faster! ‒ Many examples of fixing network issues that were causing poor performance. Fixing the issues made the networks much faster. • Proved it wasn’t the network! ‒ Application vs. Network, we prove constantly who the true culprit is! • Made the network users more productive! ‒ By fixing network, application and systems issues, all users are more productive, including network, system, and application administrators! The Importance of Protocol Analysis © WildPackets, Inc. 12
13.
The Feature Presentation
© WildPackets, Inc. www.wildpackets.com
14.
Focusing Blame or
Fixing the Issue? • Now that we know more about protocol analyzers, let’s look at a common problem ‒ Who is to blame? • The performance is bad, so… ‒ Who is to blame? • The Users are complaining… ‒ Who is to blame? • More importantly, where do we focus to find the issue, and fix it! ‒ Stop the Blame Game! Let’s then now focus on solving this issue and not focusing the blame! The Importance of Protocol Analysis © WildPackets, Inc. 14
15.
© WildPackets, Inc.
www.wildpackets.com
16.
The Weigh In
Create a baseline… • Not just, “How much bandwidth am I consuming on my network or segment?” • Also, “How much is the X Application consuming?” ‒ What users connect to it? ‒ What outbound connections does the app do? ‒ With what ports? With what nodes? What times? How often? • It’s impossible to predict the winner if you don’t know your network and applications… … and understand their behaviors. The Importance of Protocol Analysis © WildPackets, Inc. 16
17.
Scoring the FIGHT
What to look for… • Primary events are anything related to “Slow” ‒ Depending on what events we see, we will know who is at fault • Application events: ‒ HTTP slow response time ‒ Oracle slow response time ‒ Inefficient client • Network events: ‒ TCP SLOW segment recovery ‒ Slow retransmissions ‒ Slow acknowledgements ‒ Low throughput Let the Expert Analysis help be the referee The Importance of Protocol Analysis © WildPackets, Inc. 17
18.
Did Someone Say,
"TKO"? Get Proof… System or Application is at fault Network may be at fault The Importance of Protocol Analysis © WildPackets, Inc. 18
19.
Who Won? The
Network? This shows that there are some slow acknowledgements that could be network related… but keep in mind factors like distance Let’s keep looking… The Importance of Protocol Analysis © WildPackets, Inc. 19
20.
Or is it
the System or Application? This shows slow responses that are system or application related Let’s go round by round… The Importance of Protocol Analysis © WildPackets, Inc. 20
21.
Follow Events to
See Who is Involved Use the JAB right-click option and ‘Select Related Packets’ on the event The Importance of Protocol Analysis © WildPackets, Inc. 21
22.
Get the Flows,
Not Just Those Packets Here we would click on ‘Close’, keeping our 113 packets highlighted! The Importance of Protocol Analysis © WildPackets, Inc. 22
23.
Do the Winning
Combo… ‘Select Related’ We can UPPERCUT (right-click) on any highlighted packet and do a ‘Select Related’, then ‘By Flow’ The Importance of Protocol Analysis © WildPackets, Inc. 23
24.
All the Packets
– All the Flows We have selected every packet, in every flow, with the expert event of interest The Importance of Protocol Analysis © WildPackets, Inc. 24
25.
Tale of the
Tape "Scoring the Fight" When we select ‘Slow Server Response Time’, two sessions to the same server are highlighted. This looks like a system or application issue – not the network. But we need proof! The Importance of Protocol Analysis © WildPackets, Inc. 25
26.
Visual Expert is
the Proof! Here is the proof we were looking for! Two requests for data, two quick TCP Acks, but then a long delay before the server sent us the data we requested. Then the Data Payload Requests and Acks gets returned Length = 0 much later Payload Length = 1260 The Importance of Protocol Analysis © WildPackets, Inc. 26
27.
A Closer Look
Looking more granular at the timing, we see that the ACK came back in 70ms, but the data didn’t get sent back for another 854ms! ACK fast = Network fast Data slow = System slow The Importance of Protocol Analysis © WildPackets, Inc. 27
28.
Tune the Expert
for your network Make these times relevant for your network or the task at hand! And use the Import and Export features to quickly switch when necessary The Importance of Protocol Analysis © WildPackets, Inc. 28
29.
And the winner
is… You! What we covered… • Determining whether the application, system, or network is at fault using TCP • Tapping the power of ‘Select Related’ using flows to troubleshoot root causes • Eliminating false positives by tuning Expert Events The Importance of Protocol Analysis © WildPackets, Inc. 29
30.
What’s in your
network? • Manage proactively or by exception ‒ Determine top talkers, nodes, and protocols ‒ Receive early warnings of performance problems anywhere in the network and then quickly drill down for expert analysis ‒ No need to reproduce issues, simply “replay the tape” (network forensics) • Monitor the entire network ‒ Identify issues and optimize VoIP and Video quality of service ‒ Measure quality of services applications are delivering to end users ‒ Evaluate network utilization for capacity planning and upgrades • Optimize and secure your Wireless infrastructure ‒ Identify and fill security holes such has weak encryption or rogue access points ‒ Determine gaps in service across access points • Extend the capabilities for custom applications ‒ Develop plug-ins to integrate with proprietary equipment ‒ Build decodes for proprietary protocols The Importance of Protocol Analysis © WildPackets, Inc. 30
31.
About WildPackets
© WildPackets, Inc. www.wildpackets.com
32.
Corporate Overview
Pioneer and global leader in network and application performance monitoring, management, and analysis. • Our Company ‒ Founded: 1990 ‒ Headquarters: Walnut Creek, CA ‒ Offices throughout US, EMEA, APAC • Our Customers ‒ Thousands of active mid-market and enterprise customers ‒ 60+ countries / 80% of Fortune 1,000 ‒ Financial, government, education, health care, telecom • Our Products ‒ Patented, awarding-winning hardware and software solutions that optimize network performance and eliminate downtime The Importance of Protocol Analysis © WildPackets, Inc. 32
33.
Real-World Deployments
Education Financial Government Health Care / Retail Telecom Technology The Importance of Protocol Analysis © WildPackets, Inc. 33
34.
OmniPeek Network Analyzer
• Standalone Analysis and Remote Analysis UI ‒ Can be used as a portable analyzer, or standalone ‒ Can also connect and configure distributed OmniEngines/Omnipliances • Comprehensive dashboards present network traffic in real-time ‒ Vital statistics and graphs display trends on network and application performance ‒ Visual peer-map shows conversations and protocols ‒ Intuitive drill-down for root-cause analysis of performance bottlenecks • Visual Expert diagnosis speeds problem resolution ‒ Packet and Payload visualizers provide business-centric views • Automated analytics and problem detection 24/7 ‒ Easily create filters, triggers, scripting, advanced alarms and alerts The Importance of Protocol Analysis © WildPackets, Inc. 34
35.
The Importance of
Protocol Analysis © WildPackets, Inc. 35
36.
Omnipliance Network Recorders
• Captures and analyzes all network traffic at the source 24x7 ‒ Runs our OmniEngine intelligent probe software ‒ Generates vital statistics on network and application performance ‒ Intuitive root-cause analysis of performance bottlenecks • Intelligent data transport ‒ Network data analyzed locally ‒ Detailed analysis passed to OmniPeek on demand ‒ Summary statistics sent to WatchPoint for long term trending and reporting ‒ Efficient use of network bandwidth • Expert analysis speeds problem resolution ‒ Fault analysis, statistical analysis, and independent notification • Multiple Issue Digital Forensics ‒ Real-time and post capture data mining for compliance and troubleshooting The Importance of Protocol Analysis © WildPackets, Inc. 36
37.
Unprecedented Network Visibility
NETWORK HEALTH GLOBAL WatchPoint can manage and report on key devices’ performance and availability across the entire network, from anywhere on the network. UNDERSTAND END-USER PERFORMANCE TimeLine and Omnipliance network recorders monitor DISTRIBUTED and analyze performance across critical network segments, virtual environments, and remote sites. PINPOINT NETWORK ISSUES ANYWHERE Omnipliance Portable can rapidly identify and troubleshoot PORTABLE issues before they become major problems—wired or wireless—down the hall or across the globe. ROOT-CAUSE ANALYSIS OmniPeek network analyzer performs deep packet inspection DPI and can reconstruct all network activity, including e-mail and IM, as well as analyze VoIP and video traffic quality. The Importance of Protocol Analysis © WildPackets, Inc. 37
38.
WildPackets Product Lines
Software and Hardware Solutions for Portable and Distributed Network Monitoring and Analysis © WildPackets, Inc. www.wildpackets.com
39.
Product Offerings
Software and Turnkey Appliances • Enterprise Monitoring and Reporting ‒ WatchPoint Server ‒ OmniFlow, NetFlow, SNMP, and sFlow Collectors • Network Probes & Recorders ‒ Omnipliance Network Recorders – Edge, Core ‒ TimeLine Network Recorder ‒ OmniAdapter Analysis Cards • Portable Hardware Solutions ‒ Omnipliance Portable • Windows based Software Solutions ‒ OmniPeek software – Enterprise, Professional, Basic, Connect ‒ OmniEngine software – Enterprise, Desktop, OmniVirtual The Importance of Protocol Analysis © WildPackets, Inc. 39
40.
Omnipliance Network Recorders
Price/performance solutions for every application Portable Edge Core TimeLine Ruggedized Small Networks / Regional Offices / Datacenter Troubleshooting Remote Offices Small Datacenter Workhorse Chassis 1U 3U 3U Memory 24GB 4 GB 6 GB 18 GB Expansion 2 PCI-E 2 PCI-E 4 PCI-E 4 PCI-E Storage 6 TB 1 TB 8 TB / 16 TB 8 TB / 16 TB / 32 TB Max. CTD 4.5Gbps 1Gbps 3.8Gbps 11+Gbps The Importance of Protocol Analysis © WildPackets, Inc. 40
41.
Comprehensive Support and
Services Standard Support Premier Support Maintenance and upgrades 24 x 7 x 365 Telephone and email contacts Dedicated escalation manager Knowledgebase 2 customer contacts per site MyPeek Portal Plug-in reconfiguration assistance WildPackets Training Academy Public, web-based, and on-site classes Complete curriculum: Technology and product focused Practical applications and labs covering network analysis, wireless, VoIP monitoring and advanced troubleshooting Consulting and Custom Development Services Deployment, configuration, and assessment engagement Systems integration and testing Application integration, driver, decode, interface development The Importance of Protocol Analysis © WildPackets, Inc. 41
42.
Key Differentiators
• High-level network monitoring to root-cause analysis • Single solution for today’s converged networks ‒ Wired, Wireless, 1GB, 10GB, VoIP, Video, TelePresence, IPTV • Reduce and even eliminate network downtime ‒ Automated monitoring 24x7 ‒ Speedy resolution of network bottlenecks • Improve network and application performance • Uniquely extensible platform – tailored to your needs ‒ Plug-ins and APIs for integration and customization • Fastest capture to disk performance in the industry The Importance of Protocol Analysis © WildPackets, Inc. 42
43.
Thank You!
& Questions… Check out MyPeek! @ mypeek.wildpackets.com Follow us on SlideShare! Check out today’s slides on SlideShare WildPackets, Inc. www.slideshare.net/wildpackets www.WildPackets.com (925) 937-3200 © WildPackets, Inc. www.wildpackets.com
Baixar agora